Privacy Impact Assessment: The Value of a PIA

Privacy Impact Assessment: The Value of a PIA

The Cambridge Analytica/Facebook privacy scandal has continued to produce headlines ever since detailed reports came out in mid-March. It has turned in some unexpected directions and produced some takeaways, not apparent earlier in the timeline.

After some speculation that Facebook could lose users in droves, the company has reported that, at least so far, users have not dropped off but in fact continued to grow following the scandal. Its stock price has recovered, too, as of this writing.

Cambridge Analytica, meanwhile, has lost its entire client base because of the incident, forcing it to shut down most of its operations and declare bankruptcy. The company also refuted allegations that it will resume operations under another name.

The harsh consequences for Cambridge Analytica, but marginal impact to Facebook, is a strange scenario. Either the public has accepted Mark Zuckerberg’s apology for the incident, or the platform is just so ingrained in our daily lives that most people just felt they had to move on anyway. If the latter is the case, it seems all the more critical that Facebook be vigilant about protecting its users’ privacy before an even more substantial breach of trust comes along to shake users to the core.

Facebook’s own actions do at least show a revived emphasis on privacy. The platform is launching tools that allow users to better manage their own data online. And if your organization is in the business of data sharing, you may want to take a cue from Facebook, prioritizing privacy throughout your systems and processes.

A privacy impact assessment (PIA) provides a strong foundation for privacy development initiatives. A PIA takes a look at how your organization’s operations and procedures impact privacy, providing a clearer view of where data needs extra protection, and where it is vulnerable to compromise. Ultimately, the assessment aims to accomplish three main goals:

Ensuring regulatory compliance with privacy standards

Determining risks

Analyzing the effectiveness of current solutions against alternatives

As part of our comprehensive consulting services, Lunarline offers PIAs, along with vulnerability assessments, malware assessments, and more. To start improving your data protection and building confidence in your privacy practices, contact us online today.